Twitter, Path and the privacy controversy over contact info and apps

Today we’re talking privacy, which has been a hot topic in the tech blogosphere lately — so much so that there’s been drama among those who write about tech news, some of whom also happen to invest in or have relationships with the companies and people they cover. But that’s beside the point. (If you’re really interested, here’s the must-read post on that.)

We touched briefly on the origin of this latest privacy brouhaha last week. It began with the discovery that Path, the San Francisco-based social network, was uploading its users’ iPhone contacts without permission. The company quickly apologized, but the controversy raised questions about what Path CEO Dave Morin claimed was an “industry best practice.” Now it turns out Twitter was also uploading iPhone users’ contacts and storing them for 18 months, without explicitly saying it was doing so, via its “Find Friends” feature. A Twitter spokeswoman told the Los Angeles Times yesterday that the San Francisco company would soon update the language it uses with the feature because “we want to be clear and transparent in our communications with users.”

Numerous reports now show many apps routinely upload users’ contacts, sometimes without explicit permission. Among them: Foursquare, although the location-based service/app has now updated the language it uses to disclose just what’s happening, according to the Verge, whose article also mentions many other apps that collect and/or store contact data. VentureBeat also names names, including Facebook, Yelp, Instagram and Foodspotting and other popular apps, whose approaches to disclosure and handling of that data vary.

To be clear here, the issue is not really about whether these apps are collecting the contact information — in most cases, the apps in question are those with a social component, so it makes sense that they would access users’ contacts — it’s about transparency and security. Are the companies being clear and honest about what they are collecting and what they are doing with it? And are they protecting that information? Whether or not smartphone users care about this latest privacy issue, one thing’s for sure: It’s causing companies to make changes, AllThingsD points out.

Speaking of changes, the VentureBeat report shows that some companies could do more to make sure that data is secure, and it quotes a couple of app developers who advocate a “hash” system that would allow app makers to identify contacts without actually seeing the information. Ars Technica, like VentureBeat, talked to people who say that the way Apple‘s iOS gives developer access to user contacts is part of the problem: “The way the iOS sandbox is designed is a one-size-fits-all model. All apps have the same sandbox permissions,” security-firm consultant Charlie Miller told Ars Technica.”In Android, each app has to request the specific permissions needed for the app to work.” Of course, Android smartphones have had their share of privacy- and security-related issues as well.


Share this Post

  • MT steve

    The modus operandi of social networking developers is that they don’t care about individual privacy because they are deliver a Nirvana experience like a GFE escort delivers…ahhh.

    Social networking seems cool, but it is an icy road to hell.

  • RedRat

    And people pooh-pooh me for not using Facebook and Twitter! I love my privacy and am not inclined to spread around any more information about myself that necessary. I think far too many people jump on these social bandwagons without looking into what they are opening themselves up to. Face the fact, all of these companies need monetize your use of their online business, they ain’t giving it away for free because they are good guys. They want something from YOU, telephone number, web-site, email account, whatever. That is where they make money–and that is what it is all about.